Upgrading and fixing the vulnerability in the Spring Framework doesn’t seem to have the same level of urgency or energy as patching the Log4j library did back in December

from Dark Reading https://ift.tt/vXSaPLi
via IFTTT